Apache 连接到上游时拒绝连接-Docker
我得到的错误: nginx#u prod|u vet | 2019/03/07 20:57:11[错误]6#6:*1 connect()失败 (111:连接被拒绝)连接到上游时,客户端: 172.23.0.1,服务器:,请求:“GET/backend HTTP/1.1”,上游:,主机:“localhost:90” 我的目标是使用nginx作为反向代理来传递前端文件,并将其他服务代理到前端,这样就可以从localhost:90/调用localhost:90/后端 我试图从容器外部访问后端,但它给出了上面的错误 以下是最相关的文件:Apache 连接到上游时拒绝连接-Docker,apache,docker,nginx,docker-compose,Apache,Docker,Nginx,Docker Compose,我得到的错误: nginx#u prod|u vet | 2019/03/07 20:57:11[错误]6#6:*1 connect()失败 (111:连接被拒绝)连接到上游时,客户端: 172.23.0.1,服务器:,请求:“GET/backend HTTP/1.1”,上游:,主机:“localhost:90” 我的目标是使用nginx作为反向代理来传递前端文件,并将其他服务代理到前端,这样就可以从localhost:90/调用localhost:90/后端 我试图从容器外部访问后端,但它给出
# docker-compose.yml
version: '3'
services:
nginx:
container_name: nginx_prod_vet
build:
context: .
dockerfile: nginx/prod/Dockerfile
ports:
- "90:80"
volumes:
- ./nginx/prod/prod.conf:/etc/nginx/nginx.conf:ro
networks:
- main
depends_on:
- backend
backend:
container_name: backend_prod_vet
build:
context: .
dockerfile: apache/Dockerfile
ports:
- "81:81"
networks:
- main
networks:
main:
driver: bridge
编辑: docker compose exec后端netstat-lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.11:38317 0.0.0.0:* LISTEN -
tcp 0 0 :::80 :::* LISTEN 1/httpd
docker compose exec nginx sh-c“nc后端81&&echo已打开| | echo已关闭”
docker compose exec backend netstat-lnpt
向我们显示,httpd webserver for servicebackend
正在侦听端口80
,而不是81
因此,您的Dockerfileapache/Dockerfile
在试图提供您的定制httpd配置方面可能是不正确的apache/apache.conf
进一步调查:
- 确保apache conf的主要内容符合您的预期:
docker compose exec backend cat/usr/local/apache2/conf/httpd.conf
- 检查您的后端服务日志:
docker compose logs backend
listen81
指令。您可以在apache/Dockerfile
文件中修复此问题:
# apache/Dockerfile
FROM httpd:2.4.32-alpine
RUN apk update; \
apk upgrade;
# Copy apache vhost file to proxy php requests to php-fpm container
COPY apache/apache.conf /usr/local/apache2/conf/apache.conf
RUN echo "Listen 81" >> /usr/local/apache2/conf/httpd.conf
RUN echo "Include /usr/local/apache2/conf/apache.conf" >> /usr/local/apache2/conf/httpd.conf
为什么后端容器监听端口81?
它不会为使不同的容器打开不同的端口增加任何价值。每个容器都有自己的IP地址,因此不需要避免docker compose项目中定义的服务之间的端口冲突。容器的状态如何?是否有后端容器的日志?是否可以在没有nginx的情况下使用其ip和端口访问它?发布
docker compose exec backend netstat-lnpt
的结果,并发布docker compose exec nginx sh-c“nc backend 81&&echo opened | | echo closed”的结果
@thomaslevel使用您的测试编辑问题。感谢您的回答,这对我帮助很大。只需在apache配置中添加listen 81,即可从localhost:81访问,但我的目标是使用nginx通过localhost:90/backend->apache:81代理apache。我在apache上使用了81,因为我认为容器需要位于不同的端口才能相互通信。它在端口81中不工作的另一个原因是,我错过了nginx配置中proxy_过程末尾的尾随/结尾。所以在那之后,我将apache改为监听端口80,它成功了。@fajuchem看一看。使用docker compose设置反向代理可以简单得多
# nginx/prod/prod.conf
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
client_max_body_size 100m;
upstream backend {
server backend:81;
}
server {
listen 80;
charset utf-8;
root /dist/;
index index.html;
location /backend {
proxy_redirect off;
proxy_pass http://backend;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
}
# nginx/prod/Dockerfile
# build stage
FROM node:10.14.2-jessie as build-stage
WORKDIR /app/
COPY frontend/package.json /app/
RUN npm cache verify
RUN npm install
COPY frontend /app/
RUN npm run build
# production stage
FROM nginx:1.13.12-alpine as production-stage
COPY nginx/prod/prod.conf /etc/nginx/nginx.conf
COPY --from=build-stage /app/dist /dist/
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.11:38317 0.0.0.0:* LISTEN -
tcp 0 0 :::80 :::* LISTEN 1/httpd
closed.
# apache/Dockerfile
FROM httpd:2.4.32-alpine
RUN apk update; \
apk upgrade;
# Copy apache vhost file to proxy php requests to php-fpm container
COPY apache/apache.conf /usr/local/apache2/conf/apache.conf
RUN echo "Listen 81" >> /usr/local/apache2/conf/httpd.conf
RUN echo "Include /usr/local/apache2/conf/apache.conf" >> /usr/local/apache2/conf/httpd.conf